LogAn: HPC System Log Anomaly Detection Tool
Event Type
Workshop
Online Only
Productivity Tools
State of the Practice
W
TimeFriday, 19 November 202111:30am - 12pm CST
LocationOnline
DescriptionWe address the problem of anomaly detection on HPC system log lines, and present a new approach and associated tool implementation for detecting unusual behaviors within syslog. Our tool, LogAn, provides not only statistical anomaly detection which can discover previously unknown behaviors, but also the capability for a user to interact and guide the tool towards syslog messages of interest. We provide a user interface that supports a variety of workflow options, from a high-level view with a snapshot of number of unusual lines found, to a drilled-down view that allows a system administrator to gain more understanding of a flagged line, and to place that line in context. We have find that LogAn is able to detect syslog lines of interest that would not have been caught by existing legacy filters and flags, and provides a crucially-needed, fast, and flexible approach to syslog analysis.
